Press "Enter" to skip to content

New York Amends Data Breach Notification Requirements

New York’s data breach notification lawNew York Gov. Kathy Hochul recently signed into law A8872-A and S2659-B which amend New York’s data breach notification law. 

The bills, which are identical, do two things:

  1. Require notification of a breach be made to affected residents within 30 days of discovery, as opposed to just “the most expedient time possible and without unreasonable delay,” subject to the needs of law enforcement; and
  2. Require notice to the Department of Financial Services, in addition to the existing requirement to notify the Attorney General, Department of State, and Division of State Police.

The amendments went into effect immediately upon enactment.

Photo: Belikova Oksana/stock.adobe.com

Eric Rosenkoetter is a principal at Maurice Wutscher LLP, and is focused on advising clients with respect to federal and state consumer financial protection laws and data privacy and security, and he is a Certified Information Privacy Professional though the International Association of Privacy Professionals. He also brings to the table experience as a litigator, chief compliance and ethics officer, director of legislative affairs, federal lobbyist, and administrative hearings officer. Eric earned his Juris Doctor from Washington University School of Law, and his Bachelor of Business Administration from Southern Methodist University. He is a member of the International Association of Privacy Professionals, the Receivables Management Association International (RMAI), and ACA International. He is admitted to practice law in Texas and Missouri and in the U.S. District Courts for the Northern, Southern, Eastern, and Western Districts of Texas. For more information, see https://mauricewutscher.com/attorneys/eric-rosenkoetter/

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.